INFSA-2025:20034: libtiff security update
Information about definition
Identificator: INFSA-2025:20034
Type: security
Release date: 2025-12-07 22:09:55 UTC
Information about package
The LibTIFF packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files.
Vulnerabilities description
- CVE-2025-8176
LibTIFF could allow a local authenticated attacker to execute arbitrary code on the system, caused by an use-after-free in function get_histogram of the file tools/tiffmedian.c.
Severity level
| CVE | Score CVSS 2.0 | Score CVSS 3.x | Score CVSS 4.0 |
|---|---|---|---|
|
NIST — CVE-2025-8176
|
no information | 7.8 | no information |
Updated packages
Preparing to download...